Razer mouse software bug allows Windows administrator privileges

Although Microsoft is working tirelessly to remove this stigma, Windows still retains the image of an operating system

system, which is often too easycompromise. Many such exploits occur on the remote side when people click on suspicious links or download software from unofficial sources.

However, there comes a time when to hack the systemit becomes almost too easy, for example, when you plug in a Razer mouse, which in turn starts a process that allows almost anyone with physical access to a computer to gain system-level administrator rights.

Windows users are accustomed to the concept“Plug and Play”, when new peripherals “just work” when connected. This typically involves using a program that runs automatically to download and install device drivers and configure the PC to recognize the external device. This system is used by almost all known Windows accessories, suggesting that this particular zero-day vulnerability is not exclusive to Razer.

What makes the issue more serious is thatthat Razer's Synapse software installer makes this process too easy. Synapse – is an application that allows users to customize Razer hardware with advanced features such as key and button remapping. The Synapse installer automatically launches when you connect your Razer mouse, and this is where the bug crept in.

RazerInstaller program.exe, of course, runs with system-level privileges to make any changes to a Windows PC. However, it also allows the user to open an instance of File Explorer with the same permissions and launch PowerShell, which will allow them to do whatever they want to the system, including installing malware. After receiving no response from Razer, security researcher @j0nh4t decided to publicly disclose the vulnerability.

Need local admin and have physical access?
– Plug a Razer mouse (or the dongle)
– Windows Update will download and execute RazerInstaller as SYSTEM
– Abuse elevated Explorer to open Powershell with Shift+Right click

Tried contacting @Razer, but no answers. So here's a freebie pic.twitter.com/xDkl87RCmz

- jonhat (@ j0nh4t) August 21, 2021

The good news is that thisThe exploit requires an attacker to physically access the target Windows computer and the Razer mouse. The latter, of course, is sold at every step, and it is not difficult to buy it. Breaking the silence, Razer acknowledged the bug and promised to release a fix as soon as it can, although this still raises the question of how many installers have similar security holes.

Source: @j0nh4t

</ p>